Ransomware Archives

Tech Optimizer

April 5, 2025

I put Trend Micro and McAfee antivirus in a head to head showdown – here’s how it went

McAfee and Trend Micro are two antivirus software options with distinct features. Specifications: - McAfee costs per year for a single user; Trend Micro starts at per year for 2 adults and 4 children. - McAfee supports Windows 10 and 11; Trend Micro supports Windows 8.1 to 11. - Malware protection is rated as good for McAfee and adequate for Trend Micro. - Both do not offer backup software. - System resource usage is light to heavy for both. Costs and Coverage: - Both do not have a free tier but offer a 30-day trial. - Trend Micro's entry-level Antivirus + Security is priced at , while McAfee's Basic plan typically retails for for a single device. - Trend Micro offers packages for 3 devices, 5 systems, and 10 systems, while McAfee's plans cover up to two adults and four children. Antivirus Protection: - Trend Micro uses heuristic behavioral analysis, while McAfee employs cloud-based infrastructure and machine learning. - Both provide periodic updates, but McAfee features Ransom Guard for monitoring file changes. Antivirus Performance: - McAfee has a 99.8% protection rate; Trend Micro has a 98.1% rate. - McAfee has fewer false positives (10) compared to Trend Micro (76). Security and Privacy Features: - Trend Micro includes a Firewall Booster; McAfee emphasizes phishing protection and personal data privacy. Performance and System Impact: - Trend Micro has minimal impact on system resources; McAfee uses more resources during scans. Interface: - Trend Micro's interface is user-friendly; McAfee's interface is simplified but less customizable. Installation and Support: - McAfee's installation takes under five minutes; Trend Micro's takes over twelve minutes. - McAfee offers 24/7 support; Trend Micro's support is limited to business hours unless on a premium plan. Overall, McAfee is rated higher in performance and features, while Trend Micro is noted for its efficient resource management and user-friendly interface.

Tech Optimizer

April 4, 2025

My takeaway when it comes to antivirus software and gaming

Antivirus software can slow down a PC during gaming, with performance dips ranging from negligible to about 20 percent during routine monitoring, and up to 57 percent during full or partial scans. Despite the potential for improved performance by disabling antivirus software, security experts advise against it due to ongoing threats like viruses and malware. Instances of malware in downloadable game files and phishing scams targeting gaming communities highlight the importance of maintaining antivirus protection. Gamers can consider antivirus solutions designed for gaming that minimize system impact, schedule scans for non-gaming times, and create exclusion lists for game files to enhance performance while ensuring security.

Tech Optimizer

April 3, 2025

1,500+ PostgreSQL Servers Compromised With Fileless Malware Attack

A cryptojacking campaign has targeted over 1,500 organizations by exploiting inadequately secured PostgreSQL database servers. The attackers, identified as JINX-0126, use advanced techniques including credential brute-forcing and fileless execution to deploy Monero (XMR)-mining malware. Approximately 30% of cloud-hosted PostgreSQL servers are affected due to weak or default credentials. The attackers execute commands using PostgreSQL’s COPY FROM PROGRAM function, bypassing standard detection mechanisms. They have been linked to three cryptocurrency wallets with around 550 active mining workers, generating a hashrate of 4.04 GH/s and approximately €10.40 per hour in XMR revenue. The attack begins with credential spraying against default accounts, followed by an SQL injection to fetch the payload. The malware operates in memory, modifies PostgreSQL’s configuration to maintain persistence, and creates cron jobs for reactivation. The campaign reveals significant security gaps in cloud environments, with recommendations for improved access controls and monitoring.

Winsage

April 3, 2025

Is Windows 11 Finally Better Than Windows 10 For Gaming?

Windows 11 has introduced several gaming-focused enhancements that are not present in Windows 10, including: - DirectStorage: Optimized for Windows 11, this technology allows games to load data directly from an NVMe SSD to the GPU, reducing load times. - Auto HDR: Enhances older games by automatically applying high dynamic range lighting effects for users with HDR-capable monitors. - Improved Scheduling for Hybrid CPUs: Offers better task scheduling for Intel's 12th or 13th generation CPUs, resulting in smoother frame rates during CPU-intensive gaming sessions. Benchmark tests show minimal performance differences between Windows 10 and Windows 11, with slight FPS improvements in some titles on Windows 11, especially when using advanced hardware and DirectStorage. As of March 2025, over 55% of Windows users on Steam have transitioned to Windows 11, indicating growing confidence in the operating system among gamers. Windows 11 has addressed many early bugs and driver issues, providing robust stability on compatible systems. Windows 11 has stricter hardware requirements than Windows 10, including the need for TPM 2.0 and UEFI secure boot. Windows 10 remains supported until October 2025, making it a viable option for users with older hardware. Windows 11 features a redesigned interface with a centered Start Menu and Taskbar, rounded corners, and expanded personalization options. It also simplifies the update process with annual feature updates and smaller, faster security updates. Windows 11 enhances integration with Microsoft services, supports Android apps through the Amazon Appstore, and introduces productivity tools like Snap Layouts and improved Task View. Security improvements include mandatory TPM 2.0, enhanced Windows Defender, and a redesigned privacy dashboard for better user control over app permissions. Despite its advancements, Windows 11 has limitations such as ongoing stability issues, driver compatibility concerns, and a simplified taskbar that lacks certain functionalities from Windows 10. Windows 11 is available as a free upgrade for eligible Windows 10 devices through Windows Update.

Tech Optimizer

April 2, 2025

Shield up to 5 devices from the evil internet with McAfee Total Protection

McAfee Total Protection offers a two-year subscription for less than , covering up to five Apple devices, significantly reduced from the regular price of 9. The subscription includes AI-powered antivirus protection, a virtual private network, web protection, identity theft protection, and personalized safety education. It also features a password manager, personal data exposure protection, and credit monitoring. This limited-time offer allows stacking of codes for up to ten years of coverage, but the software can only be added to a maximum of five devices at once.

Tech Optimizer

April 1, 2025

There are over 1 billion malware programs

There are over 1 billion distinct malware threats in cyberspace. Antivirus software is essential for identifying and eliminating threats, acting as a frontline defense against various malicious entities, including ransomware. A security offer allows protection for up to five devices at an affordable price, enhancing security for households or small businesses.

Tech Optimizer

April 1, 2025

This Antivirus Software Is So Strong That It Will Humiliate The Bad Guys Of The Cyber World (50% Off)

Bitdefender offers comprehensive protection against current and emerging online threats with a lightweight design that maintains device performance. It is currently providing a 50% discount on its multi-device bundles, including the Total Security bundle, which covers up to five devices across various platforms for an introductory price. The Internet Security and Antivirus Plus bundles are also available at discounted rates for Windows PCs. All bundles include features like File Shredder, Social Network Protection, and safe online banking through Safepay. Bitdefender utilizes advanced AI technology to predict and neutralize threats while optimizing device performance.

Tech Optimizer

March 31, 2025

Traditional EDR can’t keep up with modern cyber threats

By 2025, the global cost of cybercrime is projected to reach .5 trillion annually. Many organizations continue to use outdated Endpoint Detection and Response (EDR) solutions, which are increasingly ineffective against sophisticated cyber threats. EDR was introduced in 2013 but has struggled to keep pace with evolving attack techniques. Traditional EDR is reactive, responding to incidents after they occur, and relies on known Indicators of Compromise (IoCs), which limits its effectiveness. Real-world examples of traditional EDR failures include a misconfigured update to CrowdStrike’s Falcon EDR causing an IT outage, the Akira ransomware exploiting an unsecured webcam, the Medibank breach despite multiple alerts from EDR, and the BlackCat ransomware attack on Henry Schein. These incidents highlight the inadequacy of traditional EDR in preventing modern threats. The next phase of endpoint security is Preemptive Endpoint Protection (PEP), which actively prevents attacks rather than just detecting and responding to them. PEP utilizes proactive strategies like Automated Moving Target Defense (AMTD) and Adaptive Exposure Management (AEM), and research indicates that organizations using proactive security save 30% more on breach costs compared to those relying solely on reactive measures.

Tech Optimizer

March 31, 2025

Ransomware crews add EDR killers to their arsenal

Antivirus and endpoint security tools are increasingly challenged by ransomware groups that use sophisticated strategies to disable defenses early in attacks. Cisco Talos reported that in nearly half of the ransomware incidents they handled in 2024, attackers successfully employed "EDR killers" to neutralize endpoint detection and response (EDR) systems, achieving success 48 percent of the time. Tools such as EDRSilencer, EDRSandblast, EDRKillShifter, and Terminator pose significant threats to organizational security. EDRKillShifter exploits vulnerable drivers on Windows machines to terminate EDR products, a tactic observed in operations by rival gangs like Medusa, BianLian, and Play. The primary goal of these tools is to disable EDR protections, allowing attackers to operate undetected, complicating system recovery efforts. Recovery often requires wiping and rebuilding entire networks if robust backups are available. Some EDR killers, like HRSword, are legitimate software tools misused by ransomware actors to disable endpoint protection systems. Attackers have exploited misconfigured systems, particularly EDR products set to audit-only mode, which detect but do not block malicious activity. LockBit has remained the most active ransomware-as-a-service group for the third consecutive year, accounting for 16 percent of claimed attacks in 2024. Newcomer RansomHub secured the second position with 11 percent of posts to leak sites. The effectiveness of law enforcement actions plays a significant role in shaping the ransomware landscape.

Winsage

March 29, 2025

Hackers Bypass Windows Defender Security—What You Need To Know

Elite red team hackers have revealed a significant vulnerability in the Windows ecosystem, specifically a method to bypass Windows Defender Application Control (WDAC), which is designed to restrict application execution to trusted software. Bobby Cooke from IBM X-Force Red confirmed that the Microsoft Teams application was successfully targeted to bypass WDAC, allowing the execution of a Command and Control payload. The techniques used included utilizing "Living Off The Land Binaries" (LOLBINS), side-loading a trusted application with an untrusted dynamic linked library, exploiting a custom exclusion rule from a client WDAC policy, and discovering a new execution chain within a trusted application. Microsoft acknowledged awareness of the WDAC bypass report and stated they would take action as needed to protect customers.